Jason Tanner wrote:
>
> I am thinking of using the OpenSSL library for a project I am working on
> but have a couple of questions.
>
> Perhaps someone in the know could answer them for me.
>
> 1. It would seem that the SSL/TLS library does not include the
> Blowfish crypto algorithm when registering all the algorithms it
> will support. (See SSL_library_init in ssl_algs.c)
>
> Was there a particular reason for this? If not then any tips on
> what I would have to do to include it?
>
There is currently no standard for using Blowfish with SSL/TLS and there
is no SSL/TLS mechanism for specifying arbitrary algorithms, as such you
can't do this in any standard way unless you mark them as "experimental
ciphersuites" which are guaranteed not to interop with anything else.
There is however a discussion about using Blowfish with TLS in the IETF
TLS mailing list.
> 2. Eventually I would like to add Twofish and a variant of Diffie-Hellman
> to the crypto library. Are there already plans for adding Twofish and
> perhaps the other AES candidates? If not, then are there any pitfalls
> I should be wary of?
>
AES is certainly planned when things have calmed down a bit and some
more concrete information is available about things like ASN1 structures
and other stuff.
Adding asymmetric crypto algorithms is currently painful but there are
plans to make this easier.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
